A secure cryptographic system that combines classical ciphers (Polybius and Vigenere) with Ciphertext-Policy Attribute-Based Access Control (CP-ABAC). This system ensures that data is encrypted using a hybrid approach and can only be decrypted by users whose attributes satisfy a specific access policy.
This project is a full-stack application designed to demonstrate a multi-layered encryption process:
- Polybius Square Cipher: Initial transformation of the plaintext.
- Vigenère Cipher: Secondary encryption using a secret key.
- Attribute-Based Access Control: Implementation of access policies that govern who can decrypt the final ciphertext.
- Frontend: React.js, Vite, Lucide Icons, Vanilla CSS
- Backend: Node.js, Express.js
- Tooling: NPM Workspaces
- Node.js (v18 or higher)
- npm (v9 or higher)
-
Clone the repository:
git clone <repository-url> cd ABE
-
Install dependencies for both frontend and backend from the root:
npm install
You can run both parts from the root directory using the following scripts:
-
Frontend (Dev):
npm run dev:frontend
-
Backend (Dev):
npm run dev:backend
The frontend reads backend URL from VITE_API_BASE_URL.
- Create
frontend/.env(or copy fromfrontend/.env.example) - Set:
VITE_API_BASE_URL=http://localhost:5001
- Plaintext Input: The user provides the message to be encrypted.
- Policy Definition: An access policy is assigned (e.g.,
role: "admin", department: "security"). - Hybrid Encryption:
- The message is first processed via a Polybius Square.
- The result is then encrypted using the Vigenere Cipher with a user-provided secret key.
- The Vigenere stage transforms printable ASCII data, so special characters in the encrypted stream are also protected.
- Decryption & Access:
- A receiver must provide the correct secret key.
- The receiver's attributes must match the policy embedded in the encryption for successful decryption.